Web security is getting tougher every day. Phishing sites, cloned landing pages, malicious scripts, and many others are doing increasing damage every day. Users need to be cautious while browsing, and webmasters should be proactive with their site and server security.
I am providing a list of free 25 online tools to check website and server security. List is arranged as per use by regular users (1-16) to developers (all).
1. Google Safe Browsing and Webmaster
Safe Browsing is now a part of Chrome and Firefox (no one like laggy IE anyway). However, this doesn’t mean you can’t check a site. Use this link and add a link (without ‘http’) to check as shown,
Webmaster is not for Internet users but site admins and developers. You already know that you can signup and verify your website. If there is any malicious activity on your site, you will receive email and alerts.
VirusTotal doesn’t need introduction. This free service specializes in checking your files online using their powerful cloud technology, which comprises of 50 antivirus. This includes some big names like BitDefender and Norton. This same VirusTotal also offers you an option to check website/URL or online file directly. Here is the link,
This might be the new name for average user, but webmasters know it very well. Sucuri is just not only a tool to check website it’s a complete website monitoring, backup, alerting and malware removal online suite. The results are amazing and their credibility talks since 2004. This check will give you deep link and current status of a site.
4. AVG Online Web page Scanner
AVG uses its proprietary LinScanner Drop Zone technology to check any address you want. Detail results can be seen by option ‘Show More About Malware Activity’. Remember that this deduces the result on the 30-day basis. Site owners can ‘Claim the site’ from sidebar and also may tag their site with keywords. SEO? I don’t know. Try it.
This is a free tool provided by Comodo. We all know Comodo firewall for its strength. This check takes a little longer time than others but gives you results in understanding way. It also shows you Whois and server location.
6. Norton SafeWeb
Norton SafeWeb backed with their antivirus and SafeWeb technology checks the site quickly. This may not work for newly created website as this tool seems to work on the indexing basis. Some pages may show results while some will not.
When all big names are jumping in then why should McAfee stay behind? Threat-center page gives numerous options to run online tests like DNS check, Domain name check, IP address check, etc. This makes it more of a complete online solution.
This is not all. McAfee also provides another tool to check the site, which is backed by their popular SiteAdvisor. The area to test site is present on the sidebar.
TrendMicro offers a number of free online tools to help with security. There is a basic website check for regular users which also shows the classification for website.
Webmaster can also ask for reclassification of URL. Furthermore, there is an email IP check for Webmasters,
Ok! This actually doesn’t qualify as a security scanner but more as Website Reputation System. I introduced it because it is very useful for a regular user, and it shows results from Google, Norton, WOT, etc.
Website owners can claim and verify their sites. There are some services available after that.
A quick scanner for everyday user. ScanURL uses 10+ services to provide you one final result. Pretty handy!
As per site, URLvoid has won various awards and is named in MakeUseof, PC world, Chip Online, etc. The results are collected from various sites and are shown in a friendly manner.
12. Online Scan
Another free Online Virus Scanner which takes it results from Google, PhisTank, SpyEye, Web Security Guard, and Browser Defender. The scan result is concise and enough from a user perspective.
13. BrightCloud by WebRoot
Free service provided by WebRoot antivirus makers. This is quite straight test and don’t expect a high score if a website is new.
This comes straight from ByteLabs and is powered by well known ClamAV. This is more of antivirus checking tools.
I think; this is a must tool to be used by a user when they suspect of phishing. PhisTank is operated by OpenDNS – a well-known name. It checks for any report received for a website about phishing. A huge community supports and makes it work. They also provide an open API for developers.
iLockout name is known for providing security products for WordPress, Joomla, Magento, etc. The free scan is available to everyone. The check is very quick and displays useful information.
Good tool for daily user and devs as this can find out server location, IP address, Blacklisting status, executed Java scripts and intrusion reports.
This is a very unique tool which is very easy to use. It also checks for W3C validation, DNS records, SEO, Pageranks, Coding issues, etc. It requires a sign-up which is free and comes with 10 Credits. One credit is required for one scan. It breaks down the results so you can fix them. There is a small bug. If you waited for long enough and counter is not stopping, just refresh.
GamaSec is an enterprise level service, but you can use the free link to check the website and its hosted files. In my case, it also traced to CDN subdomain and scanned it too. Pretty awesome, I will say.
The name didn’t, but the scanning system did impress me. Quettra performs a detailed and deep malware check. It downloads nearly all publicly available files from your server, checks them and then displays a report. I was irritated with long waiting time but almost forgot it when I saw the extensive report.
This service is well known for enterprise level security suite. They also offer a free website checking tool which is available only to website owners as you will need a company email (domain email). Sign-up is free with 10 scans and doesn’t need a credit card.
Warning: Scan takes a very long time and may hurt your feelings (results are an eye opener). There is also chance of receiving some offer emails.
It is focused toward webmasters. ScanToSecure may come very handy for developers as they also has script checking engines. A good hunting tool for malicious codes.
Though in Spanish, it is really impressive site and tool. This check focuses on simple things like Https, Metadata, software versions of Mysql, PHP, etc.
Another good one for site owners and devs. It shows you decoded files and character of code execution. Make sure to click the Private option.
This free service analyzes web-based threats and supports JAVA, Flash and PDF files. It is really useful for developers and webmasters as it targets the code activity when a website is loading.
There are some others also, which couldn’t make it to main list, as either they are very basic or simply irritating.
Following are free tools using Google Safe Browsing,
– Unmask parasite from Sucuri
And some more,
Web Security Guard, Browser Defender and ScanMyServer
I hope I could list nearly everything. Do you use such service? Or is there any other I missed? Share with me.